The Benefits and Risks of Mobile Access To Manufacturing Information

The much-talked-about Bring Your Own Device (BYOD) trend[1] has positive potential for better communication and collaboration throughout the manufacturing process. However, the use of mobile devices for content and process management has raised questions about information security in demanding and heavily regulated manufacturing environments where protecting confidential data is of the utmost importance.

In my experience within the document management and quality management space, I've seen several real-world use cases where the use of mobile devices has resulted in dramatic operational benefits for manufacturers.

For example, the ability to create change requests and track deviations on-site immediately using a mobile device results in a faster and more efficient process for providing quality-related feedback and insight, which in turn has a direct and measureable impact on quality and efficiency. In this example, the ability to capture and document the event or incident with a photo and location-based tracking mechanisms via a mobile device not only improves the accuracy of the tracked event, but does so in a faster and more timely fashion. In instances where others in the organization must review and sign off on a change request or deviation, mobile devices can also be utilized to make this process more efficient. Staff members can review and approve a new standard operating procedure (SOP) directly from their smartphone or tablet while they're out of the office.

If a manufacturer is considering allowing its employees to use their mobile devices for accessing business documents and participating in related workflows, they must be willing to publish content in the cloud. Ensuring that only authorized personnel can access certain content is essential — regardless of whether information is accessed via an on-premise document repository or via the cloud from a mobile device. However, if you provide users with access to a cloud repository via their smart phone or tablet, then you should not only establish and enforce strict password policies, but also consider requiring multi-factor authentication such as SMS tokens, or some other additional layer of security. Encrypting data residing in the cloud, both in transit and at rest, is another method for ensuring a high level of cloud infrastructure security.

Content Security

With encryption and password mechanisms in place, you can prevent unauthorized access to content. However, the most common and significant information security threat often comes from inside an organization. For example, are your employees able to copy and/or save content outside of your repository? Are you able to ensure that confidential documents are not shared via unsecured email or via employees' personal Dropbox accounts? Furthermore, are you able to guarantee that employees are always working from the most current and accurate version of the document? The key to addressing these concerns is to maintain your organization's content in the same system while also leveraging strict content control capabilities such as controlled printing and copy features.

Audit Trails and Regulatory Compliance

While most of us agree that mobile devices can enhance collaboration and streamline document-intensive manufacturing processes, the real challenge is to be able to do so securely, while also adhering to regulatory standards and compliance mandates. For example, the person within a manufacturing organization who must approve the new version of an SOP may be able to access the document and sign off on it, but there must be documented evidence that they have done so. Similarly, even though employees can probably read a new training manual from their iPad, their managers must be able to prove that they have done so. Collecting evidence that specific processes have been followed is often one of the most challenging aspects of a manufacturer's quality system. Maintaining all content in a single system that has the ability to produce a complete audit trail that details when all pertinent employees and read and/or approved specific documents throughout the entire process, along with electronic signature support, is the key to mitigate this risk.

By carefully evaluating and addressing potential security risks, manufacturers can reap significant benefits from allowing their employees to use smart phone and tablets. Manufacturers can keep their personnel connected, informed and on task, while also ensuring confidential information is protected and secured.

Mika Javanainen is in charge of managing and developing M-Files product portfolio, roadmaps and pricing globally. As a Director of the M-Files Product Management Unit, he leads and supervises M-Files Product Managers and works closely together with M-Files Product Development and Marketing teams to design and develop new products and features leveraging his long experience with enterprise content management (ECM) and M-Files technology. Mika has an executive MBA Diploma in International Business and Marketing.